Dependabot is going crazy about example/package.json dependencies. Instead of merging a bunch of individual ones I'm choosing to give a modicum of TLC to the project's dependencies and update a few of them to quiet down some of this.
Basically I ran npm audit fix and upgraded a couple of dev dependencies, which got things down to an issue with the use of an old cookie-related library in express-session:
Dependabot is going crazy about example/package.json dependencies. Instead of merging a bunch of individual ones I'm choosing to give a modicum of TLC to the project's dependencies and update a few of them to quiet down some of this.
Basically I ran
npm audit fixand upgraded a couple of dev dependencies, which got things down to an issue with the use of an old cookie-related library in express-session:https://github.com/expressjs/session/issues/989
The example server isn't a production-quality demo so I'm not really worried about this.